I didn't see an easy way to achieve this behavior without affecting the non-VRF routing lookups (such as deleting non-VRF rules). We have some automated tests that were looking for specific responses, but, of course, those can be changed. Among a few of my colleagues, this became a discussion about maintaining consistent behavior between VRF and non-VRF, such that a ping or some other tool wouldn't respond differently. That's the main reason I asked the question here - to see how important this was in general use. It sounds like in your experience, the specific error message/code hasn't been an issue.
Thanks, Jeff On Fri, Apr 13, 2018 at 4:31 PM, David Ahern <dsah...@gmail.com> wrote: > On 4/13/18 2:23 PM, Jeff Barnhill wrote: >> It seems that the ENETUNREACH response is still desirable in the VRF >> case since the only difference (when using VRF vs. not) is that the >> lookup should be restrained to a specific VRF. > > VRF is just policy routing to a table. If the table wants the lookup to > stop, then it needs a default route. What you are referring to is the > lookup goes through all tables and does not find an answer so it fails > with -ENETUNREACH. I do not know of any way to make that happen with the > existing default route options and in the past 2+ years we have not hit > any s/w that discriminates -ENETUNREACH from -EHOSTUNREACH. > > I take it this is code from your internal code base. Why does it care > between those two failures?